Changing Your Public IP on Home Internet

Sometimes, when you’re using a Linux server as your home router/Internet gateway, you need to change your public IP. I won’t go into the reason(s) why, because they don’t really matter. Maybe you accidentally exposed the proxy port (mostly just for your kids to protect their Internet access) directly to the Internet and ended up blacklisted by most things on the Internet, who knows? Best not to dwell on the hypothetical.

At first, it seems obvious: just release and renew with your DHCP client. A quick dhclient -r enp4s0 (or whatever your interface name is) seems like the solution. But ISPs are too smart for that. Maybe try turning off your cable modem and leaving it off for a few minutes? Nope. None of this works because of how ISPs (and really, most any DHCP server) handle DHCP leases: they’re tied to the MAC address of your network interface. This means that when your network interface’s MAC address is seen by their DHCP server, it’ll offer it the same IP. This makes sense for ISPs to do; they can tie an IP to a customer based on their physical device.

So how does your ISP know your MAC address? Your machine sends it when it makes a DHCP “discover” or request. You can’t just send something different to trick them though… If they map an IP to something other than your machine’s MAC address, ARP will make sure traffic to that IP will never reach your machine.

The solution: change the MAC address associated with your network interface. MAC spoofing, as it is called, is a pretty common extra layer of protection for WiFi users through MAC address randomization. Essentially, through software, your machine advertises and listens for some different MAC address and ignores requests to its physical address. This is temporary (since it doesn’t actually change your network interface); I reset mine automatically when my network interface goes down or comes back up.

I discovered the macchanger tool and I use it in my /etc/network/interfaces file via some pre-up lines:

It looks more complicated than it is, but the macchanger command will exit in an unhappy way if you try to set or reset the MAC address to its current value (such a picky tool). By forcing it to something random, I can safely run ifdown and ifup any time and it’ll have the desired effect.

With this, I was able to set a fake MAC. The one above isn’t my real MAC, but it demonstrates how it works. Just be sure to use arping to confirm that nobody else is using the same MAC (and even this won’t guarantee, so you may have to try more than once).

You will still likely need to reset your CPE (like your cable modem) and leave it off for a bit for the ISP to give your new MAC an IP, but this worked well for me.

Leave a Reply